
saml-dev message


Subject: Discrepancy in SAML Spec

Hi all,

I just found a discrepancy in the current published version of the SAML
2.0 Profiles specification.

On the one hand, the Web SSO Profile specifies (section, lines
"The <Assertion> element(s) in the <Response> MUST be signed, if the
HTTP POST binding is used."

On the other hand, section (lines 685-687) defines:
If the HTTP POST binding is used to deliver the <Response> each
assertion MUST be protected by a digital signature. This can be
accomplished by signing each individual <Assertion> element or by
signing the <Response> element.

I hope this is the correct mailing list for filing such an issue.

Best regards,
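
The two quoted requirements differ in which signature placements they accept. As an added example (not part of the original message or of the SAML specification), the following classifies a `<Response>` against both readings; the function names, result keys and sample messages are constructed for illustration, and the check is structural only, with no digest or signature value verified.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def has_own_signature(elem):
    """True if elem has a direct-child ds:Signature whose single
    Reference URI points at elem's own ID attribute."""
    elem_id = elem.get("ID")
    if not elem_id:
        return False
    for sig in elem.findall("ds:Signature", NS):
        refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
        if len(refs) == 1 and refs[0].get("URI") == "#" + elem_id:
            return True
    return False

def signature_coverage(response_xml):
    """Classify a samlp:Response against the two quoted requirements.
    Structural check only: nothing is cryptographically verified here."""
    resp = ET.fromstring(response_xml)
    if resp.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("root element is not samlp:Response")
    # Direct children only, so an assertion nested elsewhere is not counted.
    assertions = resp.findall("saml:Assertion", NS)
    each_signed = bool(assertions) and all(has_own_signature(a) for a in assertions)
    response_signed = has_own_signature(resp)
    return {
        # First quote: the <Assertion> element(s) MUST be signed.
        "assertion_must_be_signed": each_signed,
        # Second quote: signing each <Assertion> or the <Response> suffices.
        "assertion_or_response_signed": bool(assertions) and (each_signed or response_signed),
    }

# Constructed sample messages (signature contents elided; not real SAML traffic).
def _sig(ref_id):
    return ('<ds:Signature xmlns:ds="%s"><ds:SignedInfo><ds:Reference URI="#%s"/>'
            '</ds:SignedInfo></ds:Signature>' % (NS["ds"], ref_id))

def sample_response(sign_response, sign_assertion):
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" ID="r1">%s'
            '<saml:Assertion ID="a1">%s</saml:Assertion></samlp:Response>'
            % (NS["samlp"], NS["saml"],
               _sig("r1") if sign_response else "",
               _sig("a1") if sign_assertion else ""))

if __name__ == "__main__":
    for flags in [(True, False), (False, True), (False, False)]:
        print(flags, signature_coverage(sample_response(*flags)))
```

A message signed only at the `<Response>` level is the case where the two readings disagree: it fails the first requirement and satisfies the second.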
